Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having the permission to do so. A fix is available in version 1.3.3. As a workaround, one may apply the patch manually.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-02-07T17:17:58.580Z
Updated: 2024-08-01T23:28:12.814Z
Reserved: 2024-01-31T16:28:17.944Z
Link: CVE-2024-24822
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-02-07T18:15:54.147
Modified: 2024-02-15T15:43:07.647
Link: CVE-2024-24822
Redhat
No data.